[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
Starting mcstransd: 
[....] Starting file context maintaining daemon: restorecond[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [   27.849743][   T22] kauditd_printk_skb: 40 callbacks suppressed
[   27.849750][   T22] audit: type=1400 audit(1569819883.425:61): avc:  denied  { map } for  pid=6787 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
Warning: Permanently added '10.128.0.106' (ECDSA) to the list of known hosts.
2019/09/30 05:08:36 parsed 1 programs
[  261.305089][   T22] audit: type=1400 audit(1569820116.875:62): avc:  denied  { map } for  pid=6803 comm="syz-execprog" path="/root/syz-execprog" dev="sda1" ino=16497 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
[  261.350642][   T22] audit: type=1400 audit(1569820116.925:63): avc:  denied  { map } for  pid=6803 comm="syz-execprog" path="/sys/kernel/debug/kcov" dev="debugfs" ino=92 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:debugfs_t:s0 tclass=file permissive=1
[  261.352640][ T3781] kmemleak: Automatic memory scanning thread ended
2019/09/30 05:08:45 executed programs: 0
[  269.992912][ T6818] IPVS: ftp: loaded support on port[0] = 21
[  270.011552][ T6818] chnl_net:caif_netlink_parms(): no params data found
[  270.022728][ T6818] bridge0: port 1(bridge_slave_0) entered blocking state
[  270.030267][ T6818] bridge0: port 1(bridge_slave_0) entered disabled state
[  270.037443][ T6818] device bridge_slave_0 entered promiscuous mode
[  270.044165][ T6818] bridge0: port 2(bridge_slave_1) entered blocking state
[  270.051200][ T6818] bridge0: port 2(bridge_slave_1) entered disabled state
[  270.058412][ T6818] device bridge_slave_1 entered promiscuous mode
[  270.067139][ T6818] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  270.076568][ T6818] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  270.087753][ T6818] team0: Port device team_slave_0 added
[  270.093595][ T6818] team0: Port device team_slave_1 added
[  270.149470][ T6818] device hsr_slave_0 entered promiscuous mode
[  270.188855][ T6818] device hsr_slave_1 entered promiscuous mode
[  270.280549][ T6818] bridge0: port 2(bridge_slave_1) entered blocking state
[  270.287725][ T6818] bridge0: port 2(bridge_slave_1) entered forwarding state
[  270.294965][ T6818] bridge0: port 1(bridge_slave_0) entered blocking state
[  270.301982][ T6818] bridge0: port 1(bridge_slave_0) entered forwarding state
[  270.315096][ T6818] 8021q: adding VLAN 0 to HW filter on device bond0
[  270.322983][ T3539] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  270.330600][ T3539] bridge0: port 1(bridge_slave_0) entered disabled state
[  270.337906][ T3539] bridge0: port 2(bridge_slave_1) entered disabled state
[  270.345392][ T3539] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[  270.354203][ T6818] 8021q: adding VLAN 0 to HW filter on device team0
[  270.361800][ T2928] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  270.369927][ T2928] bridge0: port 1(bridge_slave_0) entered blocking state
[  270.376922][ T2928] bridge0: port 1(bridge_slave_0) entered forwarding state
[  270.388307][ T6818] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  270.398766][ T6818] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  270.409904][ T6821] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  270.417966][ T6821] bridge0: port 2(bridge_slave_1) entered blocking state
[  270.425019][ T6821] bridge0: port 2(bridge_slave_1) entered forwarding state
[  270.432492][ T6821] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  270.440822][ T6821] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  270.448885][ T6821] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  270.456784][ T6821] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  270.465196][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  270.472591][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  270.481999][ T6818] 8021q: adding VLAN 0 to HW filter on device batadv0
[  270.496399][   T22] audit: type=1400 audit(1569820126.065:64): avc:  denied  { associate } for  pid=6818 comm="syz-executor.0" name="syz0" scontext=unconfined_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=filesystem permissive=1
[  271.649071][   T20] device bridge_slave_1 left promiscuous mode
[  271.655240][   T20] bridge0: port 2(bridge_slave_1) entered disabled state
[  271.689115][   T20] device bridge_slave_0 left promiscuous mode
[  271.695361][   T20] bridge0: port 1(bridge_slave_0) entered disabled state
[  271.889154][   T20] device hsr_slave_0 left promiscuous mode
[  271.948879][   T20] device hsr_slave_1 left promiscuous mode
[  272.010036][   T20] team0 (unregistering): Port device team_slave_1 removed
[  272.017793][   T20] team0 (unregistering): Port device team_slave_0 removed
[  272.025570][   T20] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  272.089453][   T20] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  272.162466][   T20] bond0 (unregistering): Released all slaves
2019/09/30 05:08:52 executed programs: 1
2019/09/30 05:08:52 result: hanged=false err=executor 0: failed to write control pipe: write |1: broken pipe

umount(./0/file0) failed (errno 22)
loop exited with status 0
[  276.553592][ T6832] IPVS: ftp: loaded support on port[0] = 21
[  276.571284][ T6832] chnl_net:caif_netlink_parms(): no params data found
[  276.583003][ T6832] bridge0: port 1(bridge_slave_0) entered blocking state
[  276.590194][ T6832] bridge0: port 1(bridge_slave_0) entered disabled state
[  276.597465][ T6832] device bridge_slave_0 entered promiscuous mode
[  276.604207][ T6832] bridge0: port 2(bridge_slave_1) entered blocking state
[  276.611237][ T6832] bridge0: port 2(bridge_slave_1) entered disabled state
[  276.618423][ T6832] device bridge_slave_1 entered promiscuous mode
[  276.627259][ T6832] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  276.636733][ T6832] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  276.647949][ T6832] team0: Port device team_slave_0 added
[  276.653822][ T6832] team0: Port device team_slave_1 added
[  276.699439][ T6832] device hsr_slave_0 entered promiscuous mode
[  276.738880][ T6832] device hsr_slave_1 entered promiscuous mode
[  276.780601][ T6832] bridge0: port 2(bridge_slave_1) entered blocking state
[  276.787833][ T6832] bridge0: port 2(bridge_slave_1) entered forwarding state
[  276.795054][ T6832] bridge0: port 1(bridge_slave_0) entered blocking state
[  276.802154][ T6832] bridge0: port 1(bridge_slave_0) entered forwarding state
[  276.815275][ T6832] 8021q: adding VLAN 0 to HW filter on device bond0
[  276.823087][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  276.830580][    T5] bridge0: port 1(bridge_slave_0) entered disabled state
[  276.837751][    T5] bridge0: port 2(bridge_slave_1) entered disabled state
[  276.845241][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[  276.854169][ T6832] 8021q: adding VLAN 0 to HW filter on device team0
[  276.861659][ T3539] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  276.869925][ T3539] bridge0: port 1(bridge_slave_0) entered blocking state
[  276.876931][ T3539] bridge0: port 1(bridge_slave_0) entered forwarding state
[  276.888590][ T6832] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  276.898972][ T6832] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  276.909971][ T3539] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  276.918061][ T3539] bridge0: port 2(bridge_slave_1) entered blocking state
[  276.925079][ T3539] bridge0: port 2(bridge_slave_1) entered forwarding state
[  276.932529][ T3539] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  276.940955][ T3539] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  276.948976][ T3539] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  276.956836][ T3539] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  276.964761][ T3539] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  276.972003][ T3539] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  276.981754][ T6832] 8021q: adding VLAN 0 to HW filter on device batadv0
[  277.979436][ T6840] kmemleak: 1 new suspected memory leaks (see /sys/kernel/debug/kmemleak)
[  278.079068][   T20] device bridge_slave_1 left promiscuous mode
[  278.085183][   T20] bridge0: port 2(bridge_slave_1) entered disabled state
[  278.138978][   T20] device bridge_slave_0 left promiscuous mode
[  278.145131][   T20] bridge0: port 1(bridge_slave_0) entered disabled state
[  278.328999][   T20] device hsr_slave_0 left promiscuous mode
[  278.378822][   T20] device hsr_slave_1 left promiscuous mode
[  278.419990][   T20] team0 (unregistering): Port device team_slave_1 removed
[  278.427935][   T20] team0 (unregistering): Port device team_slave_0 removed
[  278.435682][   T20] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  278.499422][   T20] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  278.532489][   T20] bond0 (unregistering): Released all slaves
[  284.831669][ T6840] kmemleak: 1 new suspected memory leaks (see /sys/kernel/debug/kmemleak)
BUG: memory leak
unreferenced object 0xffff888120959480 (size 64):
  comm "syz-executor.0", pid 6827, jiffies 4294964332 (age 14.310s)
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 01 01 00 00 00 00 00 00 00  ................
  backtrace:
    [<00000000aa363c7a>] kmem_cache_alloc_trace+0x145/0x2c0
    [<0000000061ebcc27>] ip6_mc_add_src+0x31f/0x420
    [<00000000086fb6bc>] ip6_mc_source+0x4a8/0x600
    [<0000000018184e69>] do_ipv6_setsockopt.isra.0+0x1b92/0x1dd0
    [<000000008c50074b>] ipv6_setsockopt+0x89/0xd0
    [<00000000d9fa3d41>] tcp_setsockopt+0x46/0x80
    [<00000000fb802b33>] sock_common_setsockopt+0x38/0x50
    [<000000009fe7b950>] __sys_setsockopt+0x10f/0x220
    [<00000000fba6b1a4>] __x64_sys_setsockopt+0x26/0x30
    [<00000000150bd4f3>] do_syscall_64+0x73/0x1f0
    [<00000000c21e1bc5>] entry_SYSCALL_64_after_hwframe+0x44/0xa9

BUG: memory leak
unreferenced object 0xffff88811ce64100 (size 64):
  comm "syz-executor.0", pid 6838, jiffies 4294964979 (age 7.840s)
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 01 01 00 00 00 00 00 00 00  ................
  backtrace:
    [<00000000aa363c7a>] kmem_cache_alloc_trace+0x145/0x2c0
    [<0000000061ebcc27>] ip6_mc_add_src+0x31f/0x420
    [<00000000086fb6bc>] ip6_mc_source+0x4a8/0x600
    [<0000000018184e69>] do_ipv6_setsockopt.isra.0+0x1b92/0x1dd0
    [<000000008c50074b>] ipv6_setsockopt+0x89/0xd0
    [<00000000d9fa3d41>] tcp_setsockopt+0x46/0x80
    [<00000000fb802b33>] sock_common_setsockopt+0x38/0x50
    [<000000009fe7b950>] __sys_setsockopt+0x10f/0x220
    [<00000000fba6b1a4>] __x64_sys_setsockopt+0x26/0x30
    [<00000000150bd4f3>] do_syscall_64+0x73/0x1f0
    [<00000000c21e1bc5>] entry_SYSCALL_64_after_hwframe+0x44/0xa9